chore(deps): update dependency erlang to v28.3 #152

Merged

renovate merged 1 commit from renovate/erlang-28.x into main 2025-12-11 00:04:36 +00:00

Conversation 0 Commits 1 Files changed 1 +1 -1

renovate commented 2025-12-11 00:03:38 +00:00

Member

Copy link

This PR contains the following updates:

Package	Update	Change
erlang	minor	28.2 -> 28.3

---

Release Notes

erlang/otp (erlang)

v28.3: OTP 28.3

Compare Source

Patch Package:           OTP 28.3
Git Tag:                 OTP-28.3
Date:                    2025-12-10
Trouble Report Id:       OTP-16607, OTP-19066, OTP-19626, OTP-19717,
                         OTP-19738, OTP-19743, OTP-19767, OTP-19769,
                         OTP-19777, OTP-19787, OTP-19789, OTP-19794,
                         OTP-19797, OTP-19798, OTP-19802, OTP-19803,
                         OTP-19805, OTP-19808, OTP-19812, OTP-19814,
                         OTP-19819, OTP-19821, OTP-19823, OTP-19828,
                         OTP-19829, OTP-19833, OTP-19835, OTP-19836,
                         OTP-19837, OTP-19840, OTP-19841, OTP-19843,
                         OTP-19847, OTP-19848, OTP-19850, OTP-19852,
                         OTP-19854, OTP-19855, OTP-19856, OTP-19857,
                         OTP-19859, OTP-19862, OTP-19863, OTP-19867,
                         OTP-19869, OTP-19870, OTP-19872, OTP-19873,
                         OTP-19875, OTP-19876, OTP-19877, OTP-19878,
                         OTP-19879, OTP-19880, OTP-19883, OTP-19884,
                         OTP-19885, OTP-19888
Seq num:                 ERIERL-1251, GH-10254, GH-10255, GH-10280,
                         GH-10282, GH-10294, GH-10299, GH-10322,
                         GH-10330, GH-10347, GH-10367, GH-10368,
                         GH-10404, GH-10432, GH-8235, GH-8329,
                         GH-9997, OTP-16608, OTP-19814, PR-10064,
                         PR-10128, PR-10149, PR-10177, PR-10186,
                         PR-10216, PR-10231, PR-10232, PR-10236,
                         PR-10237, PR-10242, PR-10252, PR-10256,
                         PR-10257, PR-10262, PR-10268, PR-10275,
                         PR-10283, PR-10288, PR-10307, PR-10308,
                         PR-10309, PR-10314, PR-10315, PR-10317,
                         PR-10321, PR-10323, PR-10326, PR-10333,
                         PR-10335, PR-10344, PR-10349, PR-10353,
                         PR-10362, PR-10364, PR-10369, PR-10374,
                         PR-10379, PR-10383, PR-10388, PR-10390,
                         PR-10391, PR-10394, PR-10398, PR-10405,
                         PR-10406, PR-10410, PR-10428, PR-10435,
                         PR-10439, PR-10452, PR-8309, PR-9983
System:                  OTP
Release:                 28
Application:             common_test-1.29.1, compiler-9.0.4,
                         crypto-5.8, diameter-2.6,
                         erl_interface-5.6.2, erts-16.2, eunit-2.10.1,
                         inets-9.5, kernel-10.5, mnesia-4.25,
                         os_mon-2.11.2, public_key-1.20, snmp-5.20,
                         ssh-5.4, ssl-11.5, stdlib-7.2, wx-2.5.3
Predecessor:             OTP 28.2

Check out the git tag OTP-28.3, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below.

HIGHLIGHTS

• Add support for MLKEM hybrid algorithms x25519mlkem768, secp384r1mlkem1024, secp256r1mlkem768 in TLS-1.3

  Own Id: OTP-19767
  Application(s): ssl
  Related Id(s): PR-10262

• Support for the socket options TCP_KEEPCNT, TCP_KEEPIDLE, and TCP_KEEPINTVL have been implemented for gen_tcp, as well as TCP_USER_TIMEOUT for both gen_tcp and socket.

  Own Id: OTP-19857
  Application(s): erts, kernel
  Related Id(s): PR-10390, OTP-19814

• Add support in public_key and ssl for post quantum algorithm SLH-DSA.

  Own Id: OTP-19867
  Application(s): public_key, ssl
  Related Id(s): PR-10398

• Publish OpenVEX statements in https://erlang.org/download/vex/

  OpenVEX statements contain the same information as the OTP advisories, with the addition of vendor CVEs for which Erlang/OTP is not affected. This is important to silence vulnerability scanners that may claim Erlang/OTP to be vulnerable to vendor dependency projects, e.g., openssl.

  OpenVEX statements will be published in https://erlang.org/download/vex/ where there will be an OTP file per release, e.g., https://erlang.org/download/vex/otp-28.openvex.json.

  Erlang/OTP publishes OpenVEX statements for all supported releases, that is, as of today, OTP-26, OTP-27, and OTP-28.

  The source SBOM tooling (oss-review-toolkit) has been updated to produce source SBOM in SPDX v2.3 format, and the source SBOM now links OpenVEX statements to a security external reference. This means that by simply analyzing the source SBOM, everyone can further read the location of the OpenVEX statements and further process them.

  Own Id: OTP-19878
  Application(s): otp
  Related Id(s): PR-10428, PR-10452

POTENTIAL INCOMPATIBILITIES

• Adjustment in ssh_file module allowing inclusion of Erlang/OTP license in test files containing keys.

  Own Id: OTP-19743
  Application(s): ssh
  Related Id(s): PR-10177

OTP-28.3

Fixed Bugs and Malfunctions

• Broken sidebar application index, for all OTP applications, are restored.

  Own Id: OTP-19877
  Related Id(s): ERIERL-1251, PR-10410

Improvements and New Features

• Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with purl pointing to the exact vendor commit that Erlang/OTP builds upon.

  Own Id: OTP-19777
  Related Id(s): PR-10216

• OpenVEX statements has been added to rule out false positives on vendor dependencies: CVE-2025-9230, CVE-2025-9231, CVE-2025-9232

  Own Id: OTP-19802
  Related Id(s): GH-10254, GH-10255, PR-10256

• The mnesia_registry module will be removed in Erlang/OTP 29.

  Own Id: OTP-19808
  Related Id(s): PR-10275

• Publish OpenVEX statements in https://erlang.org/download/vex/

  OpenVEX statements contain the same information as the OTP advisories, with the addition of vendor CVEs for which Erlang/OTP is not affected. This is important to silence vulnerability scanners that may claim Erlang/OTP to be vulnerable to vendor dependency projects, e.g., openssl.

  OpenVEX statements will be published in https://erlang.org/download/vex/ where there will be an OTP file per release, e.g., https://erlang.org/download/vex/otp-28.openvex.json.

  Erlang/OTP publishes OpenVEX statements for all supported releases, that is, as of today, OTP-26, OTP-27, and OTP-28.

  The source SBOM tooling (oss-review-toolkit) has been updated to produce source SBOM in SPDX v2.3 format, and the source SBOM now links OpenVEX statements to a security external reference. This means that by simply analyzing the source SBOM, everyone can further read the location of the OpenVEX statements and further process them.

  Own Id: OTP-19878
  Related Id(s): PR-10428, PR-10452

  *** HIGHLIGHT ***

common_test-1.29.1

The common_test-1.29.1 application can be applied independently of other applications on a full OTP 28 installation.

Improvements and New Features

• Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with purl pointing to the exact vendor commit that Erlang/OTP builds upon.

  Own Id: OTP-19777
  Related Id(s): PR-10216

Full runtime dependencies of common_test-1.29.1

compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0, kernel-8.4, observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0, stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8

compiler-9.0.4

The compiler-9.0.4 application can be applied independently of other applications on a full OTP 28 installation.

Fixed Bugs and Malfunctions

• For some function heads or case expressions with a huge number of clauses, the compiler could spend an inordinate amount of time compiling the code.

  Own Id: OTP-19797
  Related Id(s): PR-10252

• Passing a type for a fun as a macro argument would result in a "badly formed argument" error message from the compiler. Example:

  -module(test).
  -define(FOO(X), X).
  -type foo() :: ?FOO(fun(() -> ok)).
  

  Compiling this module would result in the following error message:

  test.erl:3:17: badly formed argument for macro 'FOO'
  %    5| -type foo() :: ?FOO(fun(() -> ok)).
  %
  

  Own Id: OTP-19821
  Related Id(s): GH-10280, PR-10309

• In certain edge cases, the compiler could emit code that would do an unsafe destructive update of a tuple. This has been corrected.

  Own Id: OTP-19879
  Related Id(s): GH-10367, PR-10435

Improvements and New Features

• The compiler option beam_debug_stack combined with beam_debug_info will attempt to make as many variables as possible visible in the debugger. The option has no effect if given without beam_debug_info.

  Own Id: OTP-19854
  Related Id(s): PR-10374

Full runtime dependencies of compiler-9.0.4

crypto-5.1, erts-13.0, kernel-8.4, stdlib-6.0

crypto-5.8

The crypto-5.8 application can be applied independently of other applications on a full OTP 28 installation.

Fixed Bugs and Malfunctions

• The deprecated function crypto:rand_uniform/2 has gotten a new replacement function crypto:strong_rand_range/1. When implementing this the documentation of crypto and rand has been rewritten a bit and improved.

  Own Id: OTP-19841
  Related Id(s): PR-10344

Improvements and New Features

• You can now build OTP with OpenSSL 3.5 or later on windows.

  Own Id: OTP-19848

• Added SLH-DSA algorithms for sign/verify. Twelve variants supported in total; all combinations of SHAKE or SHA2 hashing, with 128, 192 or 256 bits, and fast(f) or small(s).

  Own Id: OTP-19856
  Related Id(s): PR-10268

• Made crypto:generate_key(dh, [P, G, MaxPrivateKeyBitLength]) accept values of MaxPrivateKeyBitLength to be equal or larger than the bit length of P. If so, the maximum bit length is adjusted down to P's bit length minus one.

  Own Id: OTP-19872
  Related Id(s): PR-10394

Full runtime dependencies of crypto-5.8

erts-9.0, kernel-6.0, stdlib-3.9

diameter-2.6

The diameter-2.6 application can be applied independently of other applications on a full OTP 28 installation.

Improvements and New Features

• Add new option 'indirect_inherits' to diameter_make:codec/2

  Own Id: OTP-19626
  Related Id(s): GH-8235, PR-10149

Full runtime dependencies of diameter-2.6

erts-10.0, kernel-3.2, ssl-9.0, stdlib-5.0

erl_interface-5.6.2

The erl_interface-5.6.2 application can be applied independently of other applications on a full OTP 28 installation.

Improvements and New Features

• Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with purl pointing to the exact vendor commit that Erlang/OTP builds upon.

  Own Id: OTP-19777
  Related Id(s): PR-10216

• Updated MD5 implementation from OpenSSL 3.5.0 to 3.6.0

  Own Id: OTP-19870
  Related Id(s): PR-10405

Known Bugs and Problems

• The ei API for decoding/encoding terms is not fully 64-bit compatible since terms that have a representation on the external term format larger than 2 GB cannot be handled.

  Own Id: OTP-16607
  Related Id(s): OTP-16608

erts-16.2

The erts-16.2 application can be applied independently of other applications on a full OTP 28 installation.

Fixed Bugs and Malfunctions

• Fixed a build issue on modern compilers.

  Own Id: OTP-19789
  Related Id(s): PR-9983

• When multiple processes called the same fun whose defining module was not loaded, a badfun exception could sometimes occur in one of the calling processes. This would only happen with the JIT runtime system.

  Own Id: OTP-19803
  Related Id(s): PR-10257

• Fix a bug where Erlang/OTP tools could load a different boot script from CWD.

  Own Id: OTP-19819
  Related Id(s): PR-10317

• Fixed a bug when more than one session traced the same BIF. Disabling tracing for a BIF in one session could incorrectly disable tracing of the BIF in other trace sessions as well.

  Own Id: OTP-19840
  Related Id(s): PR-10349

• Fixed a slight performance regression in erlang:binary_to_term/1,2.

  Own Id: OTP-19859
  Related Id(s): GH-8329, PR-10383

• Two socket related code warts found by PVS Studio has been fixed. One caused gen_tcp to no convert the send error econnaborted to econnreset on Windows. The other caused socket:sendfile/* to indicate the wrong error for a bad Offset.

  Own Id: OTP-19862
  Related Id(s): PR-10362, PR-10388

• Fixed bug causing VM crash if an Erlang process gets killed while executing re:run with a (presumably) large subject string.

  Own Id: OTP-19888
  Related Id(s): GH-10432, PR-10439

Improvements and New Features

• Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with purl pointing to the exact vendor commit that Erlang/OTP builds upon.

  Own Id: OTP-19777
  Related Id(s): PR-10216

• Receive buffer allocation has been optimized for socket socket in that an underutilized buffers' content is copied to a freshly allocated binary of the right size instead of being reallocated.

  This optimization was already implemented for the socket:recv/1 functions, but now the same buffer stragegy is shared between all socket receive operations.

  Own Id: OTP-19794
  Related Id(s): PR-10231

• Option(s) to create gen_tcp and socket sockets with protocol IPPROTO_MPTCP has been implemented.

  See functions gen_tcp:listen/2, gen_tcp:connect/4 and the type socket:protocol/0.

  Own Id: OTP-19814

• erlc will now limit the number of ports and processes when starting erl in order to use less memory.

  Own Id: OTP-19852
  Related Id(s): PR-10364

• Support for the socket options TCP_KEEPCNT, TCP_KEEPIDLE, and TCP_KEEPINTVL have been implemented for gen_tcp, as well as TCP_USER_TIMEOUT for both gen_tcp and socket.

  Own Id: OTP-19857
  Related Id(s): PR-10390, OTP-19814

  *** HIGHLIGHT ***

• Limit size of sctp_event_subscribe on Linux

  Own Id: OTP-19863
  Related Id(s): PR-10321

• Updated MD5 implementation from OpenSSL 3.5.0 to 3.6.0

  Own Id: OTP-19870
  Related Id(s): PR-10405

• Improved performance when doing socket:accept on the same socket from many processes on large multi core systems under high rate of connections. Mitigating performance regression seen since OTP 28.0.

  Own Id: OTP-19873
  Related Id(s): GH-10322, PR-10323

• Updated STL version used.

  Own Id: OTP-19876

• Updated PCRE2 to 10.47. Also picked newer fix, from upstream PCRE2, to bug that could cause benign random uninitialized data in exported regular expressions.

  Own Id: OTP-19880
  Related Id(s): PR-10391

Full runtime dependencies of erts-16.2

kernel-9.0, sasl-3.3, stdlib-4.1

eunit-2.10.1

The eunit-2.10.1 application can be applied independently of other applications on a full OTP 28 installation.

Improvements and New Features

• The usages of deprecated slave module have been removed from the application. The fixture clause for spawning a test node now accepts Args either as a string or a list of strings (previously only a string was accepted).

  Own Id: OTP-19738
  Related Id(s): PR-10128

Full runtime dependencies of eunit-2.10.1

erts-9.0, kernel-5.3, stdlib-6.0

inets-9.5

The inets-9.5 application can be applied independently of other applications on a full OTP 28 installation.

Fixed Bugs and Malfunctions

• Fixed uri_string:uri_string() to string() type specs inside httpc.erl module.

  Own Id: OTP-19835
  Related Id(s): PR-10242

• Fixed a bug where request options were not applied to a https proxy connection.

  Own Id: OTP-19875
  Related Id(s): GH-10368, PR-10369

Improvements and New Features

• The usages of slave module in inets were removed. The httpd_bench_suite has been updated for SSL testing and is not skipped anymore. The httpd_load_test example has been removed completely as outdated.

  Own Id: OTP-19717
  Related Id(s): PR-10064

• Replace a call to application:which_applications() in httpc:set_options/2 with try...catch to reduce bottleneck.

  Own Id: OTP-19884
  Related Id(s): GH-10282, PR-10307

Full runtime dependencies of inets-9.5

erts-14.0, kernel-9.0, mnesia-4.12, public_key-1.13, runtime_tools-1.8.14, ssl-9.0, stdlib-5.0, stdlib-6.0

kernel-10.5

The kernel-10.5 application can be applied independently of other applications on a full OTP 28 installation.

Fixed Bugs and Malfunctions

• Fixed a shell crash when calling io:getopts() when user_drv process is not responding/terminating

  Own Id: OTP-19812
  Related Id(s): PR-10283

• logger:get_handler_config/0 will no longer crash if a logger handler is removed concurrently with that call.

  Own Id: OTP-19837
  Related Id(s): GH-9997, PR-10308

• Fixed a bug in the shell that made it incorrectly output a newline after the output already containing a newline but followed by an asci escape sequence.

  Own Id: OTP-19847
  Related Id(s): GH-10299

Improvements and New Features

• Receive buffer allocation has been optimized for socket socket in that an underutilized buffers' content is copied to a freshly allocated binary of the right size instead of being reallocated.

  This optimization was already implemented for the socket:recv/1 functions, but now the same buffer stragegy is shared between all socket receive operations.

  Own Id: OTP-19794
  Related Id(s): PR-10231

• Option(s) to create gen_tcp and socket sockets with protocol IPPROTO_MPTCP has been implemented.

  See functions gen_tcp:listen/2, gen_tcp:connect/4 and the type socket:protocol/0.

  Own Id: OTP-19814

• Support for the socket options TCP_KEEPCNT, TCP_KEEPIDLE, and TCP_KEEPINTVL have been implemented for gen_tcp, as well as TCP_USER_TIMEOUT for both gen_tcp and socket.

  Own Id: OTP-19857
  Related Id(s): PR-10390, OTP-19814

  *** HIGHLIGHT ***

• Limit size of sctp_event_subscribe on Linux

  Own Id: OTP-19863
  Related Id(s): PR-10321

Full runtime dependencies of kernel-10.5

crypto-5.0, erts-15.2.5, sasl-3.0, stdlib-6.0

mnesia-4.25

The mnesia-4.25 application can be applied independently of other applications on a full OTP 28 installation.

Fixed Bugs and Malfunctions

• Add missing documentation about mnesia:activity/4

  Own Id: OTP-19769
  Related Id(s): PR-10186

• With this change mnesia will try to not leak internal messages to user processes.

  Own Id: OTP-19855
  Related Id(s): GH-10347, PR-10379

Improvements and New Features

• The mnesia_registry module will be removed in Erlang/OTP 29.

  Own Id: OTP-19808
  Related Id(s): PR-10275

Full runtime dependencies of mnesia-4.25

erts-9.0, kernel-5.3, stdlib-5.0

os_mon-2.11.2

The os_mon-2.11.2 application can be applied independently of other applications on a full OTP 28 installation.

Fixed Bugs and Malfunctions

• Fixed a small documentation mistake in memsup

  Own Id: OTP-19836
  Related Id(s): GH-10330, PR-10308

Full runtime dependencies of os_mon-2.11.2

erts-14.0, kernel-9.0, sasl-4.2.1, stdlib-5.0

public_key-1.20

Note! The public_key-1.20 application cannot be applied independently of other applications on an arbitrary OTP 28 installation.

   On a full OTP 28 installation, also the following runtime
   dependency has to be satisfied:
   -- crypto-5.8 (first satisfied in OTP 28.3)

Fixed Bugs and Malfunctions

• ASN.1 Encoding and decoding of some extensions did not work, e.g. CRLEntryExtension.

  Own Id: OTP-19869
  Related Id(s): GH-10404, PR-10406

Improvements and New Features

• Add support in public_key and ssl for post quantum algorithm SLH-DSA.

  Own Id: OTP-19867
  Related Id(s): PR-10398

  *** HIGHLIGHT ***

Full runtime dependencies of public_key-1.20

asn1-5.0, crypto-5.8, erts-13.0, kernel-8.0, stdlib-4.0

snmp-5.20

The snmp-5.20 application can be applied independently of other applications on a full OTP 28 installation.

Fixed Bugs and Malfunctions

• Fixed a bug where running snmp:config() from Elixir would crash due to io:get_line/1 returning unexpected datatype.

  Own Id: OTP-19883
  Related Id(s): PR-10326

Improvements and New Features

• Inherit ERL_DETERMINISTIC variable for compiling snmp_pdus_basic.beam.

  Own Id: OTP-19885
  Related Id(s): PR-10288

Full runtime dependencies of snmp-5.20

asn1-5.4, crypto-4.6, erts-12.0, kernel-8.0, mnesia-4.12, runtime_tools-1.8.14, stdlib-5.0

ssh-5.4

The ssh-5.4 application can be applied independently of other applications on a full OTP 28 installation.

Improvements and New Features

• Adjustment in ssh_file module allowing inclusion of Erlang/OTP license in test files containing keys.

  Own Id: OTP-19743
  Related Id(s): PR-10177

  *** POTENTIAL INCOMPATIBILITY ***

Full runtime dependencies of ssh-5.4

crypto-5.0, erts-14.0, kernel-10.3, public_key-1.6.1, runtime_tools-1.15.1, stdlib-5.0, stdlib-6.0

ssl-11.5

Note! The ssl-11.5 application cannot be applied independently of other applications on an arbitrary OTP 28 installation.

   On a full OTP 28 installation, also the following runtime
   dependencies have to be satisfied:
   -- crypto-5.8 (first satisfied in OTP 28.3)
   -- public_key-1.18.3 (first satisfied in OTP 28.1)

Fixed Bugs and Malfunctions

• Setting the internal process links between TLS distribution processes has been reviewed. In the TLS distribution test framework there were issues fixed, but probably not in the TLS distribution module.

  Own Id: OTP-19805
  Related Id(s): PR-10232

• Correct documentation for fail_if_no_peer_cert option.

  Own Id: OTP-19828
  Related Id(s): PR-10333

Improvements and New Features

• Add support for MLKEM hybrid algorithms x25519mlkem768, secp384r1mlkem1024, secp256r1mlkem768 in TLS-1.3

  Own Id: OTP-19767
  Related Id(s): PR-10262

  *** HIGHLIGHT ***

• Property based test needed to compare raw handshakes, that is some utility decoding needs to be converted back.

  Own Id: OTP-19829
  Related Id(s): PR-10335

• Add support in public_key and ssl for post quantum algorithm SLH-DSA.

  Own Id: OTP-19867
  Related Id(s): PR-10398

  *** HIGHLIGHT ***

Full runtime dependencies of ssl-11.5

crypto-5.8, erts-16.0, inets-5.10.7, kernel-10.3, public_key-1.18.3, runtime_tools-1.15.1, stdlib-7.0

stdlib-7.2

Note! The stdlib-7.2 application cannot be applied independently of other applications on an arbitrary OTP 28 installation.

   On a full OTP 28 installation, also the following runtime
   dependency has to be satisfied:
   -- erts-16.0.3 (first satisfied in OTP 28.0.3)

Fixed Bugs and Malfunctions

• When creating a tar archive using erl_tar, leading slashes would be kept for filenames with up to 100 characters. The slash would be dropped for longer filenames. This has been corrected to always keep the leading slash.

  Own Id: OTP-19066
  Related Id(s): PR-8309

• For some function heads or case expressions with a huge number of clauses, the compiler could spend an inordinate amount of time compiling the code.

  Own Id: OTP-19797
  Related Id(s): PR-10252

• Passing a type for a fun as a macro argument would result in a "badly formed argument" error message from the compiler. Example:

  -module(test).
  -define(FOO(X), X).
  -type foo() :: ?FOO(fun(() -> ok)).
  

  Compiling this module would result in the following error message:

  test.erl:3:17: badly formed argument for macro 'FOO'
  %    5| -type foo() :: ?FOO(fun(() -> ok)).
  %
  

  Own Id: OTP-19821
  Related Id(s): GH-10280, PR-10309

• Fixed an issue that prohibited the use of user defined functions within a restricted shell.

  Own Id: OTP-19833
  Related Id(s): PR-10315

• The deprecated function crypto:rand_uniform/2 has gotten a new replacement function crypto:strong_rand_range/1. When implementing this the documentation of crypto and rand has been rewritten a bit and improved.

  Own Id: OTP-19841
  Related Id(s): PR-10344

• Fixed a bug in the shell where a reference to a locally defined function would cause a crash.

  Own Id: OTP-19850
  Related Id(s): GH-10294

Improvements and New Features

• You are now able to read the reference manual with man.

  Own Id: OTP-19787
  Related Id(s): PR-10237

• Improved spec for ets:lookup_element/4.

  Own Id: OTP-19798
  Related Id(s): PR-10236

• The mnesia_registry module will be removed in Erlang/OTP 29.

  Own Id: OTP-19808
  Related Id(s): PR-10275

Full runtime dependencies of stdlib-7.2

compiler-5.0, crypto-4.5, erts-16.0.3, kernel-10.0, sasl-3.0, syntax_tools-3.2.1

wx-2.5.3

The wx-2.5.3 application can be applied independently of other applications on a full OTP 28 installation.

Fixed Bugs and Malfunctions

• Fix getting wxImage pixel values. For example, wxImage:getRed(Image) returned the wrong value.

  Creating OpenGL windows should now work again.

  Own Id: OTP-19823
  Related Id(s): PR-10314

• Fixed reading out of array bounds and potential memory leaks.

  Own Id: OTP-19843
  Related Id(s): PR-10353

Improvements and New Features

• Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with purl pointing to the exact vendor commit that Erlang/OTP builds upon.

  Own Id: OTP-19777
  Related Id(s): PR-10216

Full runtime dependencies of wx-2.5.3

erts-12.0, kernel-8.0, stdlib-5.0

Thanks to

Alexandre Rodrigues, Andrew Bennett, Anton Thomasson, Dmytro Lytovchenko, jakob svenningsson, João Henrique Ferreira de Freitas, Marcelino Alberdi Pereira, Maria Scott, Marko Mindek, Michael Neumann, Stavros Aronis, Sundeep Katepalli, Svilen Ivanov, Tom, Vladislav Grishenko, wallacegibbon

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [erlang](https://github.com/erlang/otp) | minor | `28.2` -> `28.3` | --- ### Release Notes <details> <summary>erlang/otp (erlang)</summary> ### [`v28.3`](https://github.com/erlang/otp/releases/tag/OTP-28.3): OTP 28.3 [Compare Source](https://github.com/erlang/otp/compare/OTP-28.2...OTP-28.3) ``` Patch Package: OTP 28.3 Git Tag: OTP-28.3 Date: 2025-12-10 Trouble Report Id: OTP-16607, OTP-19066, OTP-19626, OTP-19717, OTP-19738, OTP-19743, OTP-19767, OTP-19769, OTP-19777, OTP-19787, OTP-19789, OTP-19794, OTP-19797, OTP-19798, OTP-19802, OTP-19803, OTP-19805, OTP-19808, OTP-19812, OTP-19814, OTP-19819, OTP-19821, OTP-19823, OTP-19828, OTP-19829, OTP-19833, OTP-19835, OTP-19836, OTP-19837, OTP-19840, OTP-19841, OTP-19843, OTP-19847, OTP-19848, OTP-19850, OTP-19852, OTP-19854, OTP-19855, OTP-19856, OTP-19857, OTP-19859, OTP-19862, OTP-19863, OTP-19867, OTP-19869, OTP-19870, OTP-19872, OTP-19873, OTP-19875, OTP-19876, OTP-19877, OTP-19878, OTP-19879, OTP-19880, OTP-19883, OTP-19884, OTP-19885, OTP-19888 Seq num: ERIERL-1251, GH-10254, GH-10255, GH-10280, GH-10282, GH-10294, GH-10299, GH-10322, GH-10330, GH-10347, GH-10367, GH-10368, GH-10404, GH-10432, GH-8235, GH-8329, GH-9997, OTP-16608, OTP-19814, PR-10064, PR-10128, PR-10149, PR-10177, PR-10186, PR-10216, PR-10231, PR-10232, PR-10236, PR-10237, PR-10242, PR-10252, PR-10256, PR-10257, PR-10262, PR-10268, PR-10275, PR-10283, PR-10288, PR-10307, PR-10308, PR-10309, PR-10314, PR-10315, PR-10317, PR-10321, PR-10323, PR-10326, PR-10333, PR-10335, PR-10344, PR-10349, PR-10353, PR-10362, PR-10364, PR-10369, PR-10374, PR-10379, PR-10383, PR-10388, PR-10390, PR-10391, PR-10394, PR-10398, PR-10405, PR-10406, PR-10410, PR-10428, PR-10435, PR-10439, PR-10452, PR-8309, PR-9983 System: OTP Release: 28 Application: common_test-1.29.1, compiler-9.0.4, crypto-5.8, diameter-2.6, erl_interface-5.6.2, erts-16.2, eunit-2.10.1, inets-9.5, kernel-10.5, mnesia-4.25, os_mon-2.11.2, public_key-1.20, snmp-5.20, ssh-5.4, ssl-11.5, stdlib-7.2, wx-2.5.3 Predecessor: OTP 28.2 ``` Check out the git tag OTP-28.3, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp\_patch\_apply' tool. For information on install requirements, see descriptions for each application version below. ### HIGHLIGHTS - Add support for MLKEM hybrid algorithms x25519mlkem768, secp384r1mlkem1024, secp256r1mlkem768 in TLS-1.3 Own Id: OTP-19767\ Application(s): ssl\ Related Id(s): [PR-10262] - Support for the socket options TCP\_KEEPCNT, TCP\_KEEPIDLE, and TCP\_KEEPINTVL have been implemented for `gen_tcp`, as well as TCP\_USER\_TIMEOUT for both `gen_tcp` and `socket`. Own Id: OTP-19857\ Application(s): erts, kernel\ Related Id(s): [PR-10390], OTP-19814 - Add support in public\_key and ssl for post quantum algorithm SLH-DSA. Own Id: OTP-19867\ Application(s): public\_key, ssl\ Related Id(s): [PR-10398] - Publish OpenVEX statements in <https://erlang.org/download/vex/> OpenVEX statements contain the same information as the OTP advisories, with the addition of vendor CVEs for which Erlang/OTP is not affected. This is important to silence vulnerability scanners that may claim Erlang/OTP to be vulnerable to vendor dependency projects, e.g., `openssl`. OpenVEX statements will be published in <https://erlang.org/download/vex/> where there will be an OTP file per release, e.g., <https://erlang.org/download/vex/otp-28.openvex.json>. Erlang/OTP publishes OpenVEX statements for all supported releases, that is, as of today, OTP-26, OTP-27, and OTP-28. The source SBOM tooling (oss-review-toolkit) has been updated to produce source SBOM in SPDX v2.3 format, and the source SBOM now links OpenVEX statements to a security external reference. This means that by simply analyzing the source SBOM, everyone can further read the location of the OpenVEX statements and further process them. Own Id: OTP-19878\ Application(s): otp\ Related Id(s): [PR-10428], [PR-10452] ### POTENTIAL INCOMPATIBILITIES - Adjustment in ssh\_file module allowing inclusion of Erlang/OTP license in test files containing keys. Own Id: OTP-19743\ Application(s): ssh\ Related Id(s): [PR-10177] ### OTP-28.3 #### Fixed Bugs and Malfunctions - Broken sidebar application index, for all OTP applications, are restored. Own Id: OTP-19877\ Related Id(s): ERIERL-1251, [PR-10410] #### Improvements and New Features - Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with `purl` pointing to the exact vendor commit that Erlang/OTP builds upon. Own Id: OTP-19777\ Related Id(s): [PR-10216] - OpenVEX statements has been added to rule out false positives on vendor dependencies: CVE-2025-9230, CVE-2025-9231, CVE-2025-9232 Own Id: OTP-19802\ Related Id(s): [GH-10254], [GH-10255], [PR-10256] - The `mnesia_registry` module will be removed in Erlang/OTP 29. Own Id: OTP-19808\ Related Id(s): [PR-10275] - Publish OpenVEX statements in <https://erlang.org/download/vex/> OpenVEX statements contain the same information as the OTP advisories, with the addition of vendor CVEs for which Erlang/OTP is not affected. This is important to silence vulnerability scanners that may claim Erlang/OTP to be vulnerable to vendor dependency projects, e.g., `openssl`. OpenVEX statements will be published in <https://erlang.org/download/vex/> where there will be an OTP file per release, e.g., <https://erlang.org/download/vex/otp-28.openvex.json>. Erlang/OTP publishes OpenVEX statements for all supported releases, that is, as of today, OTP-26, OTP-27, and OTP-28. The source SBOM tooling (oss-review-toolkit) has been updated to produce source SBOM in SPDX v2.3 format, and the source SBOM now links OpenVEX statements to a security external reference. This means that by simply analyzing the source SBOM, everyone can further read the location of the OpenVEX statements and further process them. Own Id: OTP-19878\ Related Id(s): [PR-10428], [PR-10452] \*\*\* HIGHLIGHT \*\*\* ### common\_test-1.29.1 The common\_test-1.29.1 application can be applied independently of other applications on a full OTP 28 installation. #### Improvements and New Features - Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with `purl` pointing to the exact vendor commit that Erlang/OTP builds upon. Own Id: OTP-19777\ Related Id(s): [PR-10216] > #### Full runtime dependencies of common\_test-1.29.1 > > compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0, kernel-8.4, observer-2.1, runtime\_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0, stdlib-4.0, syntax\_tools-1.7, tools-3.2, xmerl-1.3.8 ### compiler-9.0.4 The compiler-9.0.4 application can be applied independently of other applications on a full OTP 28 installation. #### Fixed Bugs and Malfunctions - For some function heads or `case` expressions with a huge number of clauses, the compiler could spend an inordinate amount of time compiling the code. Own Id: OTP-19797\ Related Id(s): [PR-10252] - Passing a type for a fun as a macro argument would result in a "badly formed argument" error message from the compiler. Example: ``` -module(test). -define(FOO(X), X). -type foo() :: ?FOO(fun(() -> ok)). ``` Compiling this module would result in the following error message: ``` test.erl:3:17: badly formed argument for macro 'FOO' % 5| -type foo() :: ?FOO(fun(() -> ok)). % ``` Own Id: OTP-19821\ Related Id(s): [GH-10280], [PR-10309] - In certain edge cases, the compiler could emit code that would do an unsafe destructive update of a tuple. This has been corrected. Own Id: OTP-19879\ Related Id(s): [GH-10367], [PR-10435] #### Improvements and New Features - The compiler option `beam_debug_stack` combined with `beam_debug_info` will attempt to make as many variables as possible visible in the debugger. The option has no effect if given without `beam_debug_info`. Own Id: OTP-19854\ Related Id(s): [PR-10374] > #### Full runtime dependencies of compiler-9.0.4 > > crypto-5.1, erts-13.0, kernel-8.4, stdlib-6.0 ### crypto-5.8 The crypto-5.8 application can be applied independently of other applications on a full OTP 28 installation. #### Fixed Bugs and Malfunctions - The deprecated function `crypto:rand_uniform/2` has gotten a new replacement function `crypto:strong_rand_range/1`. When implementing this the documentation of `crypto` and `rand` has been rewritten a bit and improved. Own Id: OTP-19841\ Related Id(s): [PR-10344] #### Improvements and New Features - You can now build OTP with OpenSSL 3.5 or later on windows. Own Id: OTP-19848 - Added SLH-DSA algorithms for sign/verify. Twelve variants supported in total; all combinations of SHAKE or SHA2 hashing, with 128, 192 or 256 bits, and fast(`f`) or small(`s`). Own Id: OTP-19856\ Related Id(s): [PR-10268] - Made `crypto:generate_key(dh, [P, G, MaxPrivateKeyBitLength])` accept values of `MaxPrivateKeyBitLength` to be equal or larger than the bit length of `P`. If so, the maximum bit length is adjusted down to `P`'s bit length minus one. Own Id: OTP-19872\ Related Id(s): [PR-10394] > #### Full runtime dependencies of crypto-5.8 > > erts-9.0, kernel-6.0, stdlib-3.9 ### diameter-2.6 The diameter-2.6 application can be applied independently of other applications on a full OTP 28 installation. #### Improvements and New Features - Add new option 'indirect\_inherits' to diameter\_make:codec/2 Own Id: OTP-19626\ Related Id(s): [GH-8235], [PR-10149] > #### Full runtime dependencies of diameter-2.6 > > erts-10.0, kernel-3.2, ssl-9.0, stdlib-5.0 ### erl\_interface-5.6.2 The erl\_interface-5.6.2 application can be applied independently of other applications on a full OTP 28 installation. #### Improvements and New Features - Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with `purl` pointing to the exact vendor commit that Erlang/OTP builds upon. Own Id: OTP-19777\ Related Id(s): [PR-10216] - Updated MD5 implementation from OpenSSL 3.5.0 to 3.6.0 Own Id: OTP-19870\ Related Id(s): [PR-10405] #### Known Bugs and Problems - The `ei` API for decoding/encoding terms is not fully 64-bit compatible since terms that have a representation on the external term format larger than 2 GB cannot be handled. Own Id: OTP-16607\ Related Id(s): OTP-16608 ### erts-16.2 The erts-16.2 application can be applied independently of other applications on a full OTP 28 installation. #### Fixed Bugs and Malfunctions - Fixed a build issue on modern compilers. Own Id: OTP-19789\ Related Id(s): [PR-9983] - When multiple processes called the same fun whose defining module was not loaded, a `badfun` exception could sometimes occur in one of the calling processes. This would only happen with the JIT runtime system. Own Id: OTP-19803\ Related Id(s): [PR-10257] - Fix a bug where Erlang/OTP tools could load a different boot script from CWD. Own Id: OTP-19819\ Related Id(s): [PR-10317] - Fixed a bug when more than one session traced the same BIF. Disabling tracing for a BIF in one session could incorrectly disable tracing of the BIF in other trace sessions as well. Own Id: OTP-19840\ Related Id(s): [PR-10349] - Fixed a slight performance regression in `erlang:binary_to_term/1,2`. Own Id: OTP-19859\ Related Id(s): [GH-8329], [PR-10383] - Two socket related code warts found by PVS Studio has been fixed. One caused `gen_tcp` to no convert the send error `econnaborted` to `econnreset` on Windows. The other caused `socket:sendfile/*` to indicate the wrong error for a bad `Offset`. Own Id: OTP-19862\ Related Id(s): [PR-10362], [PR-10388] - Fixed bug causing VM crash if an Erlang process gets killed while executing `re:run` with a (presumably) large subject string. Own Id: OTP-19888\ Related Id(s): [GH-10432], [PR-10439] #### Improvements and New Features - Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with `purl` pointing to the exact vendor commit that Erlang/OTP builds upon. Own Id: OTP-19777\ Related Id(s): [PR-10216] - Receive buffer allocation has been optimized for `socket` socket in that an underutilized buffers' content is copied to a freshly allocated binary of the right size instead of being reallocated. This optimization was already implemented for the `socket:recv/1` functions, but now the same buffer stragegy is shared between all `socket` receive operations. Own Id: OTP-19794\ Related Id(s): [PR-10231] - Option(s) to create `gen_tcp` and `socket` sockets with protocol IPPROTO\_MPTCP has been implemented. See functions `gen_tcp:listen/2`, `gen_tcp:connect/4` and the type `socket:protocol/0`. Own Id: OTP-19814 - `erlc` will now limit the number of ports and processes when starting `erl` in order to use less memory. Own Id: OTP-19852\ Related Id(s): [PR-10364] - Support for the socket options TCP\_KEEPCNT, TCP\_KEEPIDLE, and TCP\_KEEPINTVL have been implemented for `gen_tcp`, as well as TCP\_USER\_TIMEOUT for both `gen_tcp` and `socket`. Own Id: OTP-19857\ Related Id(s): [PR-10390], OTP-19814 \*\*\* HIGHLIGHT \*\*\* - Limit size of sctp\_event\_subscribe on Linux Own Id: OTP-19863\ Related Id(s): [PR-10321] - Updated MD5 implementation from OpenSSL 3.5.0 to 3.6.0 Own Id: OTP-19870\ Related Id(s): [PR-10405] - Improved performance when doing `socket:accept` on the same socket from many processes on large multi core systems under high rate of connections. Mitigating performance regression seen since OTP 28.0. Own Id: OTP-19873\ Related Id(s): [GH-10322], [PR-10323] - Updated STL version used. Own Id: OTP-19876 - Updated PCRE2 to 10.47. Also picked newer fix, from upstream PCRE2, to bug that could cause benign random uninitialized data in exported regular expressions. Own Id: OTP-19880\ Related Id(s): [PR-10391] > #### Full runtime dependencies of erts-16.2 > > kernel-9.0, sasl-3.3, stdlib-4.1 ### eunit-2.10.1 The eunit-2.10.1 application can be applied independently of other applications on a full OTP 28 installation. #### Improvements and New Features - The usages of deprecated slave module have been removed from the application. The fixture clause for spawning a test node now accepts Args either as a string or a list of strings (previously only a string was accepted). Own Id: OTP-19738\ Related Id(s): [PR-10128] > #### Full runtime dependencies of eunit-2.10.1 > > erts-9.0, kernel-5.3, stdlib-6.0 ### inets-9.5 The inets-9.5 application can be applied independently of other applications on a full OTP 28 installation. #### Fixed Bugs and Malfunctions - Fixed uri\_string:uri\_string() to string() type specs inside httpc.erl module. Own Id: OTP-19835\ Related Id(s): [PR-10242] - Fixed a bug where request options were not applied to a https proxy connection. Own Id: OTP-19875\ Related Id(s): [GH-10368], [PR-10369] #### Improvements and New Features - The usages of slave module in inets were removed. The httpd\_bench\_suite has been updated for SSL testing and is not skipped anymore. The httpd\_load\_test example has been removed completely as outdated. Own Id: OTP-19717\ Related Id(s): [PR-10064] - Replace a call to application:which\_applications() in httpc:set\_options/2 with try...catch to reduce bottleneck. Own Id: OTP-19884\ Related Id(s): [GH-10282], [PR-10307] > #### Full runtime dependencies of inets-9.5 > > erts-14.0, kernel-9.0, mnesia-4.12, public\_key-1.13, runtime\_tools-1.8.14, ssl-9.0, stdlib-5.0, stdlib-6.0 ### kernel-10.5 The kernel-10.5 application can be applied independently of other applications on a full OTP 28 installation. #### Fixed Bugs and Malfunctions - Fixed a shell crash when calling io:getopts() when user\_drv process is not responding/terminating Own Id: OTP-19812\ Related Id(s): [PR-10283] - `logger:get_handler_config/0` will no longer crash if a logger handler is removed concurrently with that call. Own Id: OTP-19837\ Related Id(s): [GH-9997], [PR-10308] - Fixed a bug in the shell that made it incorrectly output a newline after the output already containing a newline but followed by an asci escape sequence. Own Id: OTP-19847\ Related Id(s): [GH-10299] #### Improvements and New Features - Receive buffer allocation has been optimized for `socket` socket in that an underutilized buffers' content is copied to a freshly allocated binary of the right size instead of being reallocated. This optimization was already implemented for the `socket:recv/1` functions, but now the same buffer stragegy is shared between all `socket` receive operations. Own Id: OTP-19794\ Related Id(s): [PR-10231] - Option(s) to create `gen_tcp` and `socket` sockets with protocol IPPROTO\_MPTCP has been implemented. See functions `gen_tcp:listen/2`, `gen_tcp:connect/4` and the type `socket:protocol/0`. Own Id: OTP-19814 - Support for the socket options TCP\_KEEPCNT, TCP\_KEEPIDLE, and TCP\_KEEPINTVL have been implemented for `gen_tcp`, as well as TCP\_USER\_TIMEOUT for both `gen_tcp` and `socket`. Own Id: OTP-19857\ Related Id(s): [PR-10390], OTP-19814 \*\*\* HIGHLIGHT \*\*\* - Limit size of sctp\_event\_subscribe on Linux Own Id: OTP-19863\ Related Id(s): [PR-10321] > #### Full runtime dependencies of kernel-10.5 > > crypto-5.0, erts-15.2.5, sasl-3.0, stdlib-6.0 ### mnesia-4.25 The mnesia-4.25 application can be applied independently of other applications on a full OTP 28 installation. #### Fixed Bugs and Malfunctions - Add missing documentation about mnesia:activity/4 Own Id: OTP-19769\ Related Id(s): [PR-10186] - With this change mnesia will try to not leak internal messages to user processes. Own Id: OTP-19855\ Related Id(s): [GH-10347], [PR-10379] #### Improvements and New Features - The `mnesia_registry` module will be removed in Erlang/OTP 29. Own Id: OTP-19808\ Related Id(s): [PR-10275] > #### Full runtime dependencies of mnesia-4.25 > > erts-9.0, kernel-5.3, stdlib-5.0 ### os\_mon-2.11.2 The os\_mon-2.11.2 application can be applied independently of other applications on a full OTP 28 installation. #### Fixed Bugs and Malfunctions - Fixed a small documentation mistake in memsup Own Id: OTP-19836\ Related Id(s): [GH-10330], [PR-10308] > #### Full runtime dependencies of os\_mon-2.11.2 > > erts-14.0, kernel-9.0, sasl-4.2.1, stdlib-5.0 ### public\_key-1.20 Note! The public\_key-1.20 application *cannot* be applied independently of other applications on an arbitrary OTP 28 installation. ``` On a full OTP 28 installation, also the following runtime dependency has to be satisfied: -- crypto-5.8 (first satisfied in OTP 28.3) ``` #### Fixed Bugs and Malfunctions - ASN.1 Encoding and decoding of some extensions did not work, e.g. `CRLEntryExtension`. Own Id: OTP-19869\ Related Id(s): [GH-10404], [PR-10406] #### Improvements and New Features - Add support in public\_key and ssl for post quantum algorithm SLH-DSA. Own Id: OTP-19867\ Related Id(s): [PR-10398] \*\*\* HIGHLIGHT \*\*\* > #### Full runtime dependencies of public\_key-1.20 > > asn1-5.0, crypto-5.8, erts-13.0, kernel-8.0, stdlib-4.0 ### snmp-5.20 The snmp-5.20 application can be applied independently of other applications on a full OTP 28 installation. #### Fixed Bugs and Malfunctions - Fixed a bug where running snmp:config() from Elixir would crash due to io:get\_line/1 returning unexpected datatype. Own Id: OTP-19883\ Related Id(s): [PR-10326] #### Improvements and New Features - Inherit ERL\_DETERMINISTIC variable for compiling snmp\_pdus\_basic.beam. Own Id: OTP-19885\ Related Id(s): [PR-10288] > #### Full runtime dependencies of snmp-5.20 > > asn1-5.4, crypto-4.6, erts-12.0, kernel-8.0, mnesia-4.12, runtime\_tools-1.8.14, stdlib-5.0 ### ssh-5.4 The ssh-5.4 application can be applied independently of other applications on a full OTP 28 installation. #### Improvements and New Features - Adjustment in ssh\_file module allowing inclusion of Erlang/OTP license in test files containing keys. Own Id: OTP-19743\ Related Id(s): [PR-10177] \*\*\* POTENTIAL INCOMPATIBILITY \*\*\* > #### Full runtime dependencies of ssh-5.4 > > crypto-5.0, erts-14.0, kernel-10.3, public\_key-1.6.1, runtime\_tools-1.15.1, stdlib-5.0, stdlib-6.0 ### ssl-11.5 Note! The ssl-11.5 application *cannot* be applied independently of other applications on an arbitrary OTP 28 installation. ``` On a full OTP 28 installation, also the following runtime dependencies have to be satisfied: -- crypto-5.8 (first satisfied in OTP 28.3) -- public_key-1.18.3 (first satisfied in OTP 28.1) ``` #### Fixed Bugs and Malfunctions - Setting the internal process links between TLS distribution processes has been reviewed. In the TLS distribution test framework there were issues fixed, but probably not in the TLS distribution module. Own Id: OTP-19805\ Related Id(s): [PR-10232] - Correct documentation for fail\_if\_no\_peer\_cert option. Own Id: OTP-19828\ Related Id(s): [PR-10333] #### Improvements and New Features - Add support for MLKEM hybrid algorithms x25519mlkem768, secp384r1mlkem1024, secp256r1mlkem768 in TLS-1.3 Own Id: OTP-19767\ Related Id(s): [PR-10262] \*\*\* HIGHLIGHT \*\*\* - Property based test needed to compare raw handshakes, that is some utility decoding needs to be converted back. Own Id: OTP-19829\ Related Id(s): [PR-10335] - Add support in public\_key and ssl for post quantum algorithm SLH-DSA. Own Id: OTP-19867\ Related Id(s): [PR-10398] \*\*\* HIGHLIGHT \*\*\* > #### Full runtime dependencies of ssl-11.5 > > crypto-5.8, erts-16.0, inets-5.10.7, kernel-10.3, public\_key-1.18.3, runtime\_tools-1.15.1, stdlib-7.0 ### stdlib-7.2 Note! The stdlib-7.2 application *cannot* be applied independently of other applications on an arbitrary OTP 28 installation. ``` On a full OTP 28 installation, also the following runtime dependency has to be satisfied: -- erts-16.0.3 (first satisfied in OTP 28.0.3) ``` #### Fixed Bugs and Malfunctions - When creating a tar archive using [`erl_tar`], leading slashes would be kept for filenames with up to 100 characters. The slash would be dropped for longer filenames. This has been corrected to always keep the leading slash. Own Id: OTP-19066\ Related Id(s): [PR-8309] - For some function heads or `case` expressions with a huge number of clauses, the compiler could spend an inordinate amount of time compiling the code. Own Id: OTP-19797\ Related Id(s): [PR-10252] - Passing a type for a fun as a macro argument would result in a "badly formed argument" error message from the compiler. Example: ``` -module(test). -define(FOO(X), X). -type foo() :: ?FOO(fun(() -> ok)). ``` Compiling this module would result in the following error message: ``` test.erl:3:17: badly formed argument for macro 'FOO' % 5| -type foo() :: ?FOO(fun(() -> ok)). % ``` Own Id: OTP-19821\ Related Id(s): [GH-10280], [PR-10309] - Fixed an issue that prohibited the use of user defined functions within a restricted shell. Own Id: OTP-19833\ Related Id(s): [PR-10315] - The deprecated function `crypto:rand_uniform/2` has gotten a new replacement function `crypto:strong_rand_range/1`. When implementing this the documentation of `crypto` and `rand` has been rewritten a bit and improved. Own Id: OTP-19841\ Related Id(s): [PR-10344] - Fixed a bug in the shell where a reference to a locally defined function would cause a crash. Own Id: OTP-19850\ Related Id(s): [GH-10294] #### Improvements and New Features - You are now able to read the reference manual with man. Own Id: OTP-19787\ Related Id(s): [PR-10237] - Improved spec for `ets:lookup_element/4`. Own Id: OTP-19798\ Related Id(s): [PR-10236] - The `mnesia_registry` module will be removed in Erlang/OTP 29. Own Id: OTP-19808\ Related Id(s): [PR-10275] > #### Full runtime dependencies of stdlib-7.2 > > compiler-5.0, crypto-4.5, erts-16.0.3, kernel-10.0, sasl-3.0, syntax\_tools-3.2.1 ### wx-2.5.3 The wx-2.5.3 application can be applied independently of other applications on a full OTP 28 installation. #### Fixed Bugs and Malfunctions - Fix getting `wxImage` pixel values. For example, `wxImage:getRed(Image)` returned the wrong value. Creating OpenGL windows should now work again. Own Id: OTP-19823\ Related Id(s): [PR-10314] - Fixed reading out of array bounds and potential memory leaks. Own Id: OTP-19843\ Related Id(s): [PR-10353] #### Improvements and New Features - Updated the vendor dependencies SHA to improve the accuracy of the source SBOM with `purl` pointing to the exact vendor commit that Erlang/OTP builds upon. Own Id: OTP-19777\ Related Id(s): [PR-10216] > #### Full runtime dependencies of wx-2.5.3 > > erts-12.0, kernel-8.0, stdlib-5.0 ### Thanks to Alexandre Rodrigues, Andrew Bennett, Anton Thomasson, Dmytro Lytovchenko, jakob svenningsson, João Henrique Ferreira de Freitas, Marcelino Alberdi Pereira, Maria Scott, Marko Mindek, Michael Neumann, Stavros Aronis, Sundeep Katepalli, Svilen Ivanov, Tom, Vladislav Grishenko, wallacegibbon [gh-10254]: https://github.com/erlang/otp/issues/10254 [gh-10255]: https://github.com/erlang/otp/issues/10255 [gh-10280]: https://github.com/erlang/otp/issues/10280 [gh-10282]: https://github.com/erlang/otp/issues/10282 [gh-10294]: https://github.com/erlang/otp/issues/10294 [gh-10299]: https://github.com/erlang/otp/issues/10299 [gh-10322]: https://github.com/erlang/otp/issues/10322 [gh-10330]: https://github.com/erlang/otp/issues/10330 [gh-10347]: https://github.com/erlang/otp/issues/10347 [gh-10367]: https://github.com/erlang/otp/issues/10367 [gh-10368]: https://github.com/erlang/otp/issues/10368 [gh-10404]: https://github.com/erlang/otp/issues/10404 [gh-10432]: https://github.com/erlang/otp/issues/10432 [gh-8235]: https://github.com/erlang/otp/issues/8235 [gh-8329]: https://github.com/erlang/otp/issues/8329 [gh-9997]: https://github.com/erlang/otp/issues/9997 [pr-10064]: https://github.com/erlang/otp/pull/10064 [pr-10128]: https://github.com/erlang/otp/pull/10128 [pr-10149]: https://github.com/erlang/otp/pull/10149 [pr-10177]: https://github.com/erlang/otp/pull/10177 [pr-10186]: https://github.com/erlang/otp/pull/10186 [pr-10216]: https://github.com/erlang/otp/pull/10216 [pr-10231]: https://github.com/erlang/otp/pull/10231 [pr-10232]: https://github.com/erlang/otp/pull/10232 [pr-10236]: https://github.com/erlang/otp/pull/10236 [pr-10237]: https://github.com/erlang/otp/pull/10237 [pr-10242]: https://github.com/erlang/otp/pull/10242 [pr-10252]: https://github.com/erlang/otp/pull/10252 [pr-10256]: https://github.com/erlang/otp/pull/10256 [pr-10257]: https://github.com/erlang/otp/pull/10257 [pr-10262]: https://github.com/erlang/otp/pull/10262 [pr-10268]: https://github.com/erlang/otp/pull/10268 [pr-10275]: https://github.com/erlang/otp/pull/10275 [pr-10283]: https://github.com/erlang/otp/pull/10283 [pr-10288]: https://github.com/erlang/otp/pull/10288 [pr-10307]: https://github.com/erlang/otp/pull/10307 [pr-10308]: https://github.com/erlang/otp/pull/10308 [pr-10309]: https://github.com/erlang/otp/pull/10309 [pr-10314]: https://github.com/erlang/otp/pull/10314 [pr-10315]: https://github.com/erlang/otp/pull/10315 [pr-10317]: https://github.com/erlang/otp/pull/10317 [pr-10321]: https://github.com/erlang/otp/pull/10321 [pr-10323]: https://github.com/erlang/otp/pull/10323 [pr-10326]: https://github.com/erlang/otp/pull/10326 [pr-10333]: https://github.com/erlang/otp/pull/10333 [pr-10335]: https://github.com/erlang/otp/pull/10335 [pr-10344]: https://github.com/erlang/otp/pull/10344 [pr-10349]: https://github.com/erlang/otp/pull/10349 [pr-10353]: https://github.com/erlang/otp/pull/10353 [pr-10362]: https://github.com/erlang/otp/pull/10362 [pr-10364]: https://github.com/erlang/otp/pull/10364 [pr-10369]: https://github.com/erlang/otp/pull/10369 [pr-10374]: https://github.com/erlang/otp/pull/10374 [pr-10379]: https://github.com/erlang/otp/pull/10379 [pr-10383]: https://github.com/erlang/otp/pull/10383 [pr-10388]: https://github.com/erlang/otp/pull/10388 [pr-10390]: https://github.com/erlang/otp/pull/10390 [pr-10391]: https://github.com/erlang/otp/pull/10391 [pr-10394]: https://github.com/erlang/otp/pull/10394 [pr-10398]: https://github.com/erlang/otp/pull/10398 [pr-10405]: https://github.com/erlang/otp/pull/10405 [pr-10406]: https://github.com/erlang/otp/pull/10406 [pr-10410]: https://github.com/erlang/otp/pull/10410 [pr-10428]: https://github.com/erlang/otp/pull/10428 [pr-10435]: https://github.com/erlang/otp/pull/10435 [pr-10439]: https://github.com/erlang/otp/pull/10439 [pr-10452]: https://github.com/erlang/otp/pull/10452 [pr-8309]: https://github.com/erlang/otp/pull/8309 [pr-9983]: https://github.com/erlang/otp/pull/9983 [`erl_tar`]: https://erlang.org/doc/man/erl_tar </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zOS4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

renovate added 1 commit 2025-12-11 00:03:39 +00:00

chore(deps): update dependency erlang to v28.3 dd7a13eed9

renovate scheduled this pull request to auto merge when all checks succeed 2025-12-11 00:03:41 +00:00

renovate merged commit 98ec8c9802 into main 2025-12-11 00:04:36 +00:00

renovate referenced this pull request from a commit 2025-12-11 00:04:36 +00:00

Merge pull request 'chore(deps): update dependency erlang to v28.3' (#152) from renovate/erlang-28.x into main

renovate deleted branch renovate/erlang-28.x 2025-12-11 00:04:37 +00:00

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

siesta-cat/webhook_action_proxy!152

No description provided.